feat: production routing support for subdomain and custom domain modes

Double-mount store routes at /store/* and /store/{store_code}/* so the
same handlers work in dev path-based, prod path-based, prod subdomain,
and prod custom-domain modes.  Wire StorePlatform.custom_subdomain into
StoreContextMiddleware for per-platform subdomain overrides.  Add admin
custom-domain management UI, fix stale /shop/ reset link, add
/merchants/ to reserved paths, and server-render window.STORE_CODE for
JS that previously parsed the URL.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

app/modules/tenancy/routes/pages/store.py

@@ -10,7 +10,7 @@ Store pages for authentication and account management:
 - Settings
 """
 
-from fastapi import APIRouter, Depends, Path, Request
+from fastapi import APIRouter, Depends, Request
 from fastapi.responses import HTMLResponse, RedirectResponse
 from sqlalchemy.orm import Session
 
@@ -18,6 +18,7 @@ from app.api.deps import (
     get_current_store_from_cookie_or_header,
     get_current_store_optional,
     get_db,
+    get_resolved_store_code,
 )
 from app.modules.core.utils.page_context import get_store_context
 from app.modules.tenancy.models import User
@@ -31,24 +32,13 @@ router = APIRouter()
 # ============================================================================
 
 
-@router.get("/{store_code}", response_class=RedirectResponse, include_in_schema=False)
-async def store_root_no_slash(store_code: str = Path(..., description="Store code")):
-    """
-    Redirect /store/{code} (no trailing slash) to login page.
-    Handles requests without trailing slash.
-    """
-    return RedirectResponse(url=f"/store/{store_code}/login", status_code=302)
-
-
-@router.get(
-    "/{store_code}/", response_class=RedirectResponse, include_in_schema=False
-)
+@router.get("/", response_class=RedirectResponse, include_in_schema=False)
 async def store_root(
-    store_code: str = Path(..., description="Store code"),
+    store_code: str = Depends(get_resolved_store_code),
     current_user: User | None = Depends(get_current_store_optional),
 ):
     """
-    Redirect /store/{code}/ based on authentication status.
+    Redirect /store/ or /store/{code}/ based on authentication status.
 
     - Authenticated store users -> /store/{code}/dashboard
     - Unauthenticated users -> /store/{code}/login
@@ -62,11 +52,11 @@ async def store_root(
 
 
 @router.get(
-    "/{store_code}/login", response_class=HTMLResponse, include_in_schema=False
+    "/login", response_class=HTMLResponse, include_in_schema=False
 )
 async def store_login_page(
     request: Request,
-    store_code: str = Path(..., description="Store code"),
+    store_code: str = Depends(get_resolved_store_code),
     current_user: User | None = Depends(get_current_store_optional),
 ):
     """
@@ -74,11 +64,6 @@ async def store_login_page(
 
     If user is already authenticated as store, redirect to dashboard.
     Otherwise, show login form.
-
-    JavaScript will:
-    - Load store info via API
-    - Handle login form submission
-    - Redirect to dashboard on success
     """
     if current_user:
         return RedirectResponse(
@@ -100,11 +85,11 @@ async def store_login_page(
 
 
 @router.get(
-    "/{store_code}/team", response_class=HTMLResponse, include_in_schema=False
+    "/team", response_class=HTMLResponse, include_in_schema=False
 )
 async def store_team_page(
     request: Request,
-    store_code: str = Path(..., description="Store code"),
+    store_code: str = Depends(get_resolved_store_code),
     current_user: User = Depends(get_current_store_from_cookie_or_header),
     db: Session = Depends(get_db),
 ):
@@ -119,11 +104,11 @@ async def store_team_page(
 
 
 @router.get(
-    "/{store_code}/profile", response_class=HTMLResponse, include_in_schema=False
+    "/profile", response_class=HTMLResponse, include_in_schema=False
 )
 async def store_profile_page(
     request: Request,
-    store_code: str = Path(..., description="Store code"),
+    store_code: str = Depends(get_resolved_store_code),
     current_user: User = Depends(get_current_store_from_cookie_or_header),
     db: Session = Depends(get_db),
 ):
@@ -138,11 +123,11 @@ async def store_profile_page(
 
 
 @router.get(
-    "/{store_code}/settings", response_class=HTMLResponse, include_in_schema=False
+    "/settings", response_class=HTMLResponse, include_in_schema=False
 )
 async def store_settings_page(
     request: Request,
-    store_code: str = Path(..., description="Store code"),
+    store_code: str = Depends(get_resolved_store_code),
     current_user: User = Depends(get_current_store_from_cookie_or_header),
     db: Session = Depends(get_db),
 ):